what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 381 RSS Feed

Files Date: 2021-02-01 to 2021-02-28

CIRA Canadian Shield Man-In-The-Middle
Posted Feb 23, 2021
Authored by David Coomber

The Canadian Internet Registration Authority (CIRA) Canadian Shield iOS application versions 4.0.12 and below do not validate the SSL certificate it receives when connecting to the application server.

tags | advisory
systems | ios
advisories | CVE-2021-27189
SHA-256 | 45101c457e72359c021a13cf5308d10f34eba950e27a433202de650671c113b1
Ubuntu Security Notice USN-4467-3
Posted Feb 23, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4467-3 - USN-4467-1 fixed vulnerabilities in QEMU. The fix for CVE-2020-13754 introduced a regression in certain environments. This update fixes the problem. Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the QEMU incorrectly handled certain msi-x mmio operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-13754
SHA-256 | 0af9f05cea9149bfe3ca52b755be60ad5124e2d45b7d3706d47f59dfa1ef633c
Batflat CMS 1.3.6 Cross Site Scripting
Posted Feb 23, 2021
Authored by Tadjmen

Batflat CMS version 1.3.6 suffers from multiple persistent cross site scripting vulnerabilities.

tags | exploit, vulnerability, xss
SHA-256 | d607d6b6b12d1abb1b361fd3bd0fbdfd9cf588f5663e8b1bee73a35f5ad78e5c
HFS (HTTP File Server) 2.3.x Remote Code Execution
Posted Feb 23, 2021
Authored by Pergyz

HFS (HTTP File Server) version 2.3.x remote code execution exploit.

tags | exploit, remote, web, code execution
advisories | CVE-2014-6287
SHA-256 | d5259779819e2ec48d535d544c03503c184fbc5382e90d8a57b7ba07265969f1
Monica 2.19.1 Cross Site Scripting
Posted Feb 23, 2021
Authored by BouSalman

Monica version 2.19.1 suffers from a cross site scripting vulnerability.

tags | exploit, xss
advisories | CVE-2021-27370
SHA-256 | 9a749153f4cd4394f9758c02f0debd7df8c4212f83fd0ccbdfa4aa5fef9a7378
eChat 1.0 SQL Injection
Posted Feb 23, 2021
Authored by sML

eChat version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection
SHA-256 | ae150e4fcab44e39b6a08ed633d7b544d1982a81eea8cc0645401ff70b803c5b
Product Key Explorer 4.2.7 Denial Of Service
Posted Feb 23, 2021
Authored by Sinem Sahin

Product Key Explorer version 4.2.7 suffers from a denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 44d3470f58a697d73857e77298e36651d116ac93496ef4851d39debbcd34fe99
Windows/x86 Add User Alfred Shellcode
Posted Feb 23, 2021
Authored by Armando Huesca Prida

240 bytes small Windows/x86 add user Alfred to administrators/remote desktop users group shellcode.

tags | remote, x86, shellcode
systems | windows
SHA-256 | 87baea02c93852f7ff91efddf99dce46312ecdece68e0c0d68050ac306f14f2d
Mobile Security And Penetration Testing
Posted Feb 23, 2021
Authored by Furkan Enes Polatoglu

Whitepaper called Mobile Security and Penetration Testing. Written in Turkish.

tags | paper
SHA-256 | 56bcdaf3cd7bc5cd83f8a5559d8985f7fe6e7e70d6985f586acb76d64834d173
OpenDNSSEC 2.1.8
Posted Feb 22, 2021
Site opendnssec.org

OpenDNSSEC is software that manages the security of domain names on the Internet. The project intends to drive adoption of Domain Name System Security Extensions (DNSSEC) to further enhance Internet security.

Changes: Upgraded autoconf/automake configuration chain for version 2.69/1.16.2. Fix to crash when using ods-enforcer set-policy command. Fix to crash in case zone file not present while getting a signconf update and state flush command. Modified the purging of keys, to make it automatic to purge keys from the HSM. Fix that caused crash when signer was offline for a prolonged period (but the enforcer wasn't) in the middle of a ZSK roll. Memory leak was addressed when receiving NOTIFY for non-existent zone.
tags | tool
systems | unix
SHA-256 | 900a213103ff19a405e446327fbfcea9ec13e405283d87b6ffc24a10d9a268f5
Global Socket 1.4.24
Posted Feb 22, 2021
Authored by thc | Site thc.org

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

Changes: EEElite-Console, File Transfer and alerts when admin logs in.
tags | tool, tcp
systems | unix
SHA-256 | 0dd41d5c99202fa4387bb5b9db7ce55236fc913b65e3a9fb58f697d3480f14ef
Wapiti Web Application Vulnerability Scanner 3.0.4
Posted Feb 22, 2021
Authored by Nicolas Surribas | Site wapiti.sourceforge.net

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities.

Changes: Added more payloads for code execution. 5 new module updates. Additions to cross site scripting and SQL injection attacks. Various other updates.
tags | tool, web, scanner, vulnerability
systems | unix
SHA-256 | 8b696753a37506f0c3e8f542cb60e9f8198bb1bafd1a1dc97fbb9592becf31f3
I2P 0.9.49
Posted Feb 22, 2021
Authored by welterde | Site i2p2.de

I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.

Changes: Various updates.
tags | tool
systems | unix
SHA-256 | 5164ffb6eab228b4082d203c691906faa9ff32f09f41c3cebe6d941e03b0b9f2
docsify 4.11.6 Cross Site Scripting
Posted Feb 22, 2021
Authored by EgiX

docsify versions 4.11.6 and below suffer from a cross site scripting vulnerability. This vulnerability exists due to an incomplete fix for CVE-2020-7680.

tags | advisory, xss
advisories | CVE-2020-7680, CVE-2021-23342
SHA-256 | 660d129dcc87aa67615bb840ba7c6f92bff103f112e67bbd1690a0f2d2193057
Ubuntu Security Notice USN-4744-1
Posted Feb 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4744-1 - Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short timestamps. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-27212
SHA-256 | 1be3627661b44eb2fdb469e07f4928ddf902429965f5d5e8266b6fa4f4fa4338
Ubuntu Security Notice USN-4743-1
Posted Feb 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4743-1 - It was discovered that the GDK-PixBuf library did not properly handle certain GIF images. If an user or automated system were tricked into opening a specially crafted GIF file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-20240
SHA-256 | 3284f45ef89382f29f69628c3443e2bdd6d347ec09e247b09817373c2f6ecc55
Red Hat Security Advisory 2021-0617-01
Posted Feb 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0617-01 - The xterm program is a terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-27135
SHA-256 | b8db13b799c67210e543cc369f41c6f3236051bfa0278dd95442d7fccc02c9c9
Backdoor.Win32.DarkKomet.irv MVID-2021-0105 Insecure Permissions
Posted Feb 22, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.DarkKomet.irv malware suffers from an insecure permissions vulnerability.

tags | exploit
systems | windows
SHA-256 | e183b2062591943b3cee8f971a983b1c82409c08cd24be0401c482032b6ba256
Trojan.Win32.Pluder.o MVID-2021-0103 Insecure Permissions
Posted Feb 22, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Pluder.o malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 8a518eb33a34b0d04369bec7aea6fba26440c0d32ebb3bc64268cb45c10f197f
Trojan.Win32.Pincav.cmfl MVID-2021-0104 Insecure Permissions
Posted Feb 22, 2021
Authored by malvuln | Site malvuln.com

Trojan.Win32.Pincav.cmfl malware suffers from an insecure permissions vulnerability.

tags | exploit, trojan
systems | windows
SHA-256 | 9b61243d0eead033e1d266780d4359c048cb707605ad00c4aa48fca3216049d0
Ubuntu Security Notice USN-4742-1
Posted Feb 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4742-1 - It was discovered that Django incorrectly accepted semicolons as query parameters. A remote attacker could possibly use this issue to perform a Web Cache Poisoning attack.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2021-23336
SHA-256 | 407e701df74a66074b561d2e97205076ae3e598e31c63b2b56739a1cf7ebcd34
Red Hat Security Advisory 2021-0619-01
Posted Feb 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0619-01 - Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection or to provide an encrypted means of connecting to services that do not natively support encryption.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20230
SHA-256 | 0804580a5942e5cf829c14d22f6f8dec6f31b02d70cce8363d767ffcc9f6a9ff
Red Hat Security Advisory 2021-0618-01
Posted Feb 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0618-01 - Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection or to provide an encrypted means of connecting to services that do not natively support encryption.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20230
SHA-256 | a5a187df0b460b9f48688c119706d2fe787ad16540715bb06db194e3716d0c03
Red Hat Security Advisory 2021-0620-01
Posted Feb 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0620-01 - Stunnel is a wrapper for network connections. It can be used to tunnel an unencrypted network connection over an encrypted connection or to provide an encrypted means of connecting to services that do not natively support encryption.

tags | advisory
systems | linux, redhat
advisories | CVE-2021-20230
SHA-256 | 760e622f206e5b48dce30465bc9e5a827a851e7563d8b477a297b682a9934d9a
Backdoor.Win32.Ketch.h MVID-2021-0101 Buffer Overflow
Posted Feb 22, 2021
Authored by malvuln | Site malvuln.com

Backdoor.Win32.Ketch.h malware suffers from a buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
SHA-256 | 2abc44ddfa9d0b7263959ae5ff30bf3a21837b0e7e1c607d8886493459247df3
Page 4 of 16
Back23456Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close